Message sender security in messaging system

ABSTRACT

Some embodiments include a method of providing security and privacy for a message sender. The method can include a messaging application determining that a messaging interface of the computing device is active and is revealing or about to reveal the electronic message. The messaging application can identify a recipient account of a messaging server system that is associated with the electronic message according to the electronic message or the messaging server system. The messaging application can then monitor a data feed from a sensor of the computing device to detect a biometric pattern that matches against a biometric profile model associated with the recipient account utilizing a biometric recognition process. In response to determining that the detected biometric pattern does not match the biometric profile model associated with the recipient account, the messaging application can activate a privacy shield to prevent content of the electronic message from being revealed.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a continuation of and claims the benefit of U.S.patent application Ser. No. 15/786,154, entitled “MESSAGE SENDERSECURITY IN MESSAGING SYSTEM,” which was filed Oct. 17, 2017, which is acontinuation of and claims the benefit of U.S. patent application Ser.No. 14/643,800, entitled “MESSAGE SENDER SECURITY IN MESSAGING SYSTEM,”which was filed Mar. 10, 2015 and was issued at U.S. Pat. No. 9,817,960on Nov. 14, 2017, which claimed priority to U.S. Provisional PatentApplication No. 61/950,423, entitled “BIOMETRIC FOR MOBILE ACCESS,”which was filed on Mar. 10, 2014; U.S. Provisional Patent ApplicationNo. 61/985,059, entitled “USE OF BIOMETRIC FOR ACCESS TO DATA DEVICE ANDASSOCIATED SOLUTIONS FOR DIFFICULT BIOMETRIC READING SCENARIOS,” whichwas filed on Apr. 28, 2014; and U.S. Provisional Patent Application No.62/042,561, entitled “MESSAGE SENDER SECURITY IN MESSAGING SYSTEM,”which was filed on Aug. 27, 2014; which are all incorporated byreference herein in their entireties.

RELATED FIELD

At least one embodiment of this disclosure relates generally to anelectronic messaging system, and in particular to privacy and securityof an electronic messaging system.

BACKGROUND

With the wide availability of mobile devices, in some areas/cultures,electronic messaging is becoming an integral part of a person's life.Because of this, privacy and security concerns arise over the use ofsuch systems. Conventional technology protects against privacyviolations by providing a screen lock on a mobile device whenever themobile device is not used. An authorized user can unlock the screen bytyping in a passcode into the mobile device. However, the passcode isknowledge that is transferable, and hence may be stolen. Furthermore,the screen lock prevents access to other applications on the mobiledevice, making it unnecessarily inconvenient. Other solutions protectsagainst violation by scheduling the destruction of a message to ensurethat content therein does not survive indefinitely.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1A is a diagram illustrating a messaging application of a mobiledevice revealing content of a message when a facial profile associatedwith a recipient account is recognized, in accordance with variousembodiments.

FIG. 1B is a diagram illustrating a messaging application of a mobiledevice hiding content of a message when a facial profile associated witha recipient account is not detected, in accordance with variousembodiments.

FIG. 1C is a diagram illustrating a messaging application of a mobiledevice hiding content of a message when a facial profile associated witha recipient account is detected and a second unauthorized facial profileis detected, in accordance with various embodiments.

FIG. 2 is a block diagram of a system environment of a messaging systemimplementing a biometric security mechanism, in accordance with variousembodiments.

FIG. 3A is a flow chart of a method of operating a messaging applicationon a mobile device to register a user account on a messaging serversystem, in accordance with various embodiments.

FIG. 3B is a flow chart of a method of operating a messaging applicationon a computing device to send a message, in accordance with variousembodiments.

FIG. 3C is a flow chart of a method of operating a messaging applicationon a computing device to access a message, in accordance with variousembodiments.

FIG. 4 is a block diagram of an example of a computing device, which mayrepresent one or more computing device or server described herein, inaccordance with various embodiments.

The figures depict various embodiments of this disclosure for purposesof illustration only. One skilled in the art will readily recognize fromthe following discussion that alternative embodiments of the structuresand methods illustrated herein may be employed without departing fromthe principles of the invention described herein.

DETAILED DESCRIPTION

Several embodiments pertain to protecting messages through a messagingsystem having a biometric security mechanism. The messaging systemincludes a message server system comprising one or more computer serversand messaging applications running on end-user devices. The end-userdevices, for example, can include a desktop computer, a smart phone, atablet, a wearable device, a gaming console, a smart TV, otherelectronic gadget, or any combination thereof. The messagingapplications act as independent agents for the messaging system. Forexample, a messaging application may be installed on a general-purposeoperating system (e.g., Windows, android, iOS, etc.). The messagingapplication can also be implemented by client-side script (e.g.,JavaScript or Flash™) that may be executed on a web browser of theend-user devices.

The biometric security mechanism can be implemented via the messagingapplication. Unlike the conventional security mechanism that onlyprotects privacy of the user of the recipient user device, the disclosedbiometric security mechanism also protects the privacy and security ofthe sender of the message. This enables a new paradigm of protection forstakeholders (e.g., the message senders), who are conventionallyhopelessly dependent on the message recipients to protect theirinterests.

The biometric security mechanism implements a biometric recognitionprocess to verify one or more identities as authorized by the messagesenders. For example, the biometric recognition process may be based onfacial recognition, ear recognition, silhouette recognition, speakerrecognition, fingerprint recognition, device motion pattern recognition,tactile contact pattern recognition, etc. The biometric securitymechanism can detect biometric patterns utilizing a sensor, such as acamera, a microphone, an accelerometer, a touch sensor, a gyroscope,other inertial sensor(s), other optical or radiofrequency (RF)sensor(s), etc. In some embodiments, the biometric patterns are matchedagainst one or more profile models authorized by the message sender. Insome embodiments, the biometric security mechanism can profile thebiometric patterns of one or more users into one or more profile modelsutilizing machine learning algorithms, such as support vector machines,Gaussian mixture models, hidden Markov models, etc. This profiling canoccur passively during the registration of a messaging system accountand/or thereafter when the messaging system account is engaged with themessaging application. Based on the profiles of the users, the biometricsecurity mechanism can recognize a user in real-time by matching thebiometric pattern detected by a sensor through the profile model.

The biometric security mechanism is instantiated whenever the messaginginterface of the message application is actively opened and running onan end-user device. The biometric security mechanism utilizes one ormore types of biometric recognition processes to determine whether thepeople who have access to the end-user device (e.g., looking at thescreen of the end-user device) are consistent with the privacy settingsof the sender account and the recipient account.

To use the messaging application on a user device, a user may have toidentify a messaging system account associated with the messagingsystem. The biometric security mechanism uses the one or more types ofbiometric recognition processes to ensure that an operator using themessaging application matches a biometric profile associated with themessaging system account. This procedure ensures that a third party(e.g., a brother or a classmate) cannot send messages on behalf of theuser. In the case that there are multiple operators for the sameend-user device, this procedure also ensures that independent privatesessions of using the messaging application can be established based onautomatic biometric recognition. That is, even with a recipient'spermission, a message is protecting against unauthorized sharing when adetected viewer is not authorized (e.g., not recognized with respect toknown profile models or the recognized profile is not authorized)according to a message sender's permission setting.

The biometric security mechanism can provide customizable privacyshields per message or conversation. These privacy shields may becustomized by privacy settings dictated by the sender of the message orthe initiator of the conversation. The biometric security mechanism canuse the one or more types of biometric recognition processes to ensurethat the operator using the messaging application matches an authorizedbiometric profile in accordance with a privacy setting of an individualconversation or message. For example, the default privacy setting may bethat the message or conversation is revealed when a biometric profile ofthe recipient account is recognized by the biometric security mechanism.In another example, the default privacy setting may be that the messageor conversation is revealed when only the biometric profile of therecipient account is recognized without the presence of other detectedhuman beings in the proximate area of the recipient end-user device.

In some embodiments, the privacy setting can indicate a singleauthorized account or biometric profile. In some embodiments, theprivacy setting can indicate a group of authorized accounts or biometricprofiles. In some embodiments, the privacy setting can indicate anattribute of a biometric profile, such as age, gender, facial gesture,facial expression, vocal pitch, etc. The attribute can be the solevariable to authorize a person. For example, the privacy setting canindicate that any female face (e.g., in the case of facial recognition)or any female voice (e.g., in the case of speaker recognition) would beauthorized. The attribute can be an additional conditional on top of aspecific account or biometric profile. For example, a sender account(e.g., John) may send a message with a privacy setting indicating Nancyas the recipient account. In some cases, the privacy setting can add anattribute of the recipient profile being female.

The privacy shield may be implemented, for example, as a screen lock, ascrambling of the message content, a blur of the message content, ablackout of the message content, an alert being sent to the messagesender and/or the message recipient, capturing of a photograph of anoffender detected by the biometric security mechanism, or anycombination thereof. In some embodiments, the biometric securitymechanism continuously loops through the one or more types of biometricrecognition processes. In some embodiments, the biometric securitymechanism disengages the privacy shield whenever an authorized biometricprofile is recognized and detected. In some embodiments, the biometricsecurity mechanism engages the privacy shield whenever a non-authorizedbiometric profile is detected.

A sender account or a recipient account can be associated with a singleindividual or a group of individuals. In the case of a group ofindividuals, biometric profiles of every member are associated with thesender account or the recipient account.

Failsafe Scenarios

In various embodiments, the biometric security mechanism may depend onat least a biometric recognition process. However, there may bescenarios where the biometric recognition process is inaccurate,inconsistent, unavailable, irrelevant, or any combination thereof. Underthose scenarios, the biometric security mechanism may deploy at least analternative biometric recognition process or an alternative method ofauthentication (e.g., passcode-based authentication ortoken-possession-based authentication). For example, unavailability ofthe biometric recognition process may be due to a sensor malfunction, asensor being blocked, a hardware or software driver of the sensormalfunctioning, or any combination thereof. For example, the biometricrecognition process may determine that the results of its biometricprofile recognition are irrelevant because the end-user device is insidea pocket, because the end-user device is not facing an operator, orbecause the operator is determined to be driving (e.g., the location ofthe end-user device is moving rapidly beyond a threshold or the end-userdevice is accelerating beyond a threshold).

In some embodiments, the biometric recognition process can include anerror checking process. The error checking process can determine whetheror not the sensor or the driver of the sensor is returning measurementsconsistent with past history, specification, and/or otherwiseconsistent. The biometric recognition process can determine whether itis inaccurate or inconsistent based on the results of that errorchecking.

In some embodiments, the biometric security mechanism can supplement thebiometric recognition process with additional authentication data. Forexample, the biometric security mechanism can monitor motion of theend-user device using a motion sensor. Whenever the motion indicatesthat an orientation of the end-user device is changing, the privacyshield is activated to protect content of a message. This isadvantageous to prevent the recipient user to show the content of themessage to another person against the sender's permission settings.

In some embodiments, even when a message is received by a recipient userwho is validated via the biometric recognition process, a privacy shieldcan still disable/hide the message if the end-user device (e.g., a smartphone) swivels in either direction from a presumed location of thevalidated recipient user. This is advantageous because, by swiveling theend-user device, the end-user device is likely losing contact with thevalidated recipient user or a display of the end-user device is beingredirected to another. As such, the content of the message is no longersecure from the perspective of the sender.

One or more accelerometers or motion sensors can be part of thebiometric security mechanism to supplement the biometric recognitionprocess. The motion data can ensure the safety of the sender's content.For example, a combination of facial recognition with accelerometer dataprovides a double layer security to protect the content of a messagefrom the sender's perspective.

Alternative Embodiments

The disclosure above pertains to the specific example of an electronicmessaging system for delivery of text, images, audio clips, or videoclips. However, it is within the contemplation of this disclosure toimplement the biometric security mechanism to other similar systems thatincludes registration of a sender account and the receiver account. Forexample, the biometric security mechanism can apply to email, socialnetwork, dating network, event/meet up invitation, physical delivery ofgoods, enterprise messaging (e.g., financial agent to customermessaging, real estate agent to customer messaging, medical professionalmessaging, etc.), or any combination thereof. The biometric securitymechanism is advantageous in enforcing privacy setting of the sender atthe device of the recipient. This is an improvement over existingtechnology that only seeks to protect against unauthorized exposure ofcontent on behalf of the device owner but not on behalf of the sender.

The biometric security mechanism is also advantageous in preventingimpersonation attempts, such as for the purpose of cyber bullying, byverifying the identity of a message sender when composing a message.This improves the overall accountability of messaging within themessaging system. Similarly, in an enterprise environment, theauthentication in both viewing and composition of the message enhancesenterprise-level security and compliance (e.g., such as eHealthcompliance when the message content involves medical information).

The disclosure above assumes that the messaging application implementsboth the biometric security mechanism and a messaging interface (e.g.,to compose and read messages). However, it is within the contemplationof this disclosure to implement the biometric security mechanism on aseparate device or application from where the messaging interface isimplemented. For example, in the case of an enterprise email system, anemail access interface may be provided on a desktop computer while thebiometric security mechanism may be implemented on a mobile device(e.g., a smart phone). In this example, the biometric security mechanismcan require the mobile device to connect with the email access interfaceon the desktop computer. The biometric security mechanism can performthe biometric recognition process to verify that there is a secureenvironment near the desktop computer (e.g., no unauthorized user aroundand/or an authorized user is present). In response to verifying a secureenvironment, the biometric security mechanism can notify the emailaccess interface to reveal content of a message.

FIGS. 1A through 1C illustrate an example of the biometric securitymechanism that implements a facial recognition process to protect theprivacy of both a sender of a message and a recipient of the message.FIG. 1A is a diagram illustrating a messaging application of a mobiledevice revealing content of a message when a facial profile associatedwith a recipient account is recognized, in accordance with variousembodiments. FIG. 1B is a diagram illustrating a messaging applicationof a mobile device hiding content of a message when a facial profileassociated with a recipient account is not detected, in accordance withvarious embodiments. FIG. 1C is a diagram illustrating a messagingapplication of a mobile device hiding content of a message when a facialprofile associated with a recipient account is detected and a secondunauthorized facial profile is detected, in accordance with variousembodiments.

FIG. 2 is a block diagram of a system environment of a messaging system200 implementing a biometric security mechanism, in accordance withvarious embodiments.

The messaging system 200 can communicate with client devices 202 (e.g.,mobile phones, tablets, desktop computers, laptops, othernetwork-enabled devices, or any combination thereof). The messagingsystem 200 can include a messaging platform 204 (e.g., one or morecomputer servers) configured to provide a service to facilitate humanunderstandable electronic communication between user accounts. The humanunderstandable electronic communication can include emoticons, text,photos, audio clips, videos, links, images, or any combination thereof.The human understandable content of the electronic communication may bepart of an electronic message or can be referenced in the electronicmessage (e.g., stored elsewhere that is accessible through a network).

In some embodiments, each of the client devices 202 can have an instanceof a messaging interface 206 and a biometric security engine 207 runningthereon that communicates with the messaging platform 204. In someembodiments, the messaging interface 206 and the biometric securityengine 207 are part of a messaging application running and/or installedon the client device. In some embodiments, the messaging interface 206is installed and/or running on a first client device and the biometricsecurity engine 207 is install and/or running on a second client device.In these embodiments, the biometric security engine 207 on the secondclient device can control a privacy shield implemented by the messaginginterface 206.

For example, the messaging interface 206 and/or the biometric securityengine 207 can be embodied as a mobile application running on operatingsystems of some of the client devices 202. In another example, themessaging interface 206 and/or the biometric security engine 207 can beimplemented as a web-based application running on web browsers on someof the client devices 202.

The client devices 202 can be associated with user accounts. In someembodiments, a user account of the messaging system 200 can havemultiple client devices associated therewith. In some embodiments, aclient device can have multiple user accounts associated therewith.Conversations between user accounts are tracked by the messaging system200 such that the messaging system 200 can deliver an electronic messagefrom a client device of one user account to a client device of anotheruser account.

In some embodiments, the messaging system 200 can include a user profiledatabase 208. The user profile database 208 is configured to store userprofiles of one or more user accounts. The user profiles may beassociated with one or more social networking systems (e.g., anaffiliated social networking system, a social networking systemintegrated with the messaging system 200, or an external socialnetworking system) and social network profiles in the social networkingsystems.

In various embodiments, the messaging interface 206 can implement aprivacy shield. The biometric security engine 207, for example, canrecognize whether or not an authorized user is present by analyzing avideo feed from its respective client device using a facial recognitionalgorithm. The messaging platform 204 can maintain biometric profiles ofuser accounts in the user profile database 208. The messaging platform204 associates a sender account and a receiver account with everymessage (e.g., as specified by the sender account). The biometricprofiles of the sender account and the receiver account can be bothconsidered “authorized users.” One or more lists of authorized users maybe stored in an authorization database 210. The authorization database210 can also maintain one or more lists of blacklisted user accountsthat are explicitly unauthorized. In some embodiments, the senderaccount, the receiver account, or both can add additional user accountsinto the list of authorized users. In some embodiments, the senderaccount, the receiver account, or both can add one or more user accountsinto the list of “blacklisted” user accounts.

The authorization database 210 can store a list of authorized userspecific to a message conversation or specific to a user account (e.g.,specific to a sender account, a receiver account, or both). For example,for each message or a conversation sent or each message or conversationreceived, a user can add or remove one or more accounts from the list ofauthorized users or blacklisted users. For another example, a first useraccount can add a second user account as an authorized user (e.g., aspouse) or a blacklisted user (e.g., a rival friend or sibling) for allconversations that the first user account participates in. In someembodiments, e.g., as required by law, the authorization database 210can also store a list of globally authorized users.

The messaging platform 204 can communicate with the biometric securityengine 207 to secure content of messages. For example, the messagingplatform 204 can send biometric profiles (e.g., facial profiles) of theauthorized users and/or expressly unauthorized users to be verified on aclient device by the biometric security engine 207. The biometricsecurity engine 207 can monitor outputs of a sensor 214 (e.g., a camera)to detect and recognize biometric profiles. In some embodiments, themessaging platform 204 can request the biometric security engine 207 tocapture and send an image or a video of its operator to be verified onthe messaging platform 204. In those embodiments, the messaging platform204 returns the result of the verification back to the biometricsecurity engine 207.

Once the biometric security engine 207 determines that a secureenvironment is present, the biometric security engine 207 can controlthe privacy shield implemented in the messaging interface 206 to eitherreveal or hide content of a message. The privacy shield implemented bythe messaging interface 206 can reveal content of a message conversationwhen the authorized user is detected. In some embodiments, the privacyshield can hide the content in response to detecting both an authorizeduser and an unauthorized user (e.g., implicitly unauthorized orexpressly unauthorized). In some embodiments, the privacy shield canhide the content whenever an expressly unauthorized user account isdetected.

Functional components (e.g., engines, modules, and databases) associatedwith the messaging system 200 can be implemented as circuitry, firmware,software, or other functional instructions. For example, the functionalcomponents can be implemented in the form of special-purpose circuitry,in the form of one or more appropriately programmed processors, a singleboard chip, a field programmable gate array, a network-capable computingdevice, a virtual machine, a cloud computing environment, or anycombination thereof. For example, the functional components describedcan be implemented as instructions on a tangible storage memory capableof being executed by a processor or other integrated circuit chip. Thetangible storage memory may be volatile or non-volatile memory. In someembodiments, the volatile memory may be considered “non-transitory” inthe sense that it is not a transitory signal. Memory space and storagesdescribed in the figures can be implemented with the tangible storagememory as well, including volatile or non-volatile memory.

Each of the functional components may operate individually andindependently of other functional components. Some or all of thefunctional components may be executed on the same host device or onseparate devices. The separate devices can be coupled through one ormore communication channels (e.g., wireless or wired channel) tocoordinate their operations. Some or all of the functional componentsmay be combined as one component. A single functional component may bedivided into sub-components, each sub-component performing separatemethod step or method steps of the single component.

In some embodiments, at least some of the functional components shareaccess to a memory space. For example, one functional component mayaccess data accessed by or transformed by another functional component.The functional components may be considered “coupled” to one another ifthey share a physical connection or a virtual connection, directly orindirectly, allowing data accessed or modified by one functionalcomponent to be accessed in another functional component. In someembodiments, at least some of the functional components can be upgradedor modified remotely (e.g., by reconfiguring executable instructionsthat implements a portion of the functional components). The systems,engines, or devices described may include additional, fewer, ordifferent functional components for various applications.

FIG. 3A is a flow chart of a method 300 of operating a messagingapplication (e.g., the messaging interface 206 or the biometric securityengine 207 of FIG. 2) on a mobile device (e.g., one of the clientdevices 202 of FIG. 2) to register a user account on a messaging serversystem (e.g., the messaging system 200 of FIG. 2), in accordance withvarious embodiments. The method 300 can include the messagingapplication receiving an indication of intent from a user to registerthe user account in step 302. In step 304, the messaging applicationdisplays an interactive interface to engage the user to type on themobile device. In step 306, the messaging application determines thatthe user is actively typing. In step 308, the messaging applicationcaptures a facial image from a camera of the mobile device in responseto determining that the user is actively typing. In step 310, themessaging application uploads the facial image to the message serversystem to build a facial profile model that is capable of being used forfacial recognition.

FIG. 3B is a flow chart of a method 330 of operating a messagingapplication (e.g., the messaging interface 206 or the biometric securityengine 207 of FIG. 2) on a computing device (e.g., one of the clientdevices 202 of FIG. 2) to send a message, in accordance with variousembodiments. The method 330 can include step 332 of the messagingapplication determining that a messaging interface of the messagingapplication is active to compose or send a message. Then in step 334,the messaging application determines that a user account is logged invia the messaging application to a messaging server system. In step 336,the messaging application monitors a video feed from a camera of thecomputing device to detect a face utilizing a facial recognition processbased on at least a facial profile model associated with the useraccount when the messaging interface is determined to be active. In step338, in response to determining that the detected face does not matchthe facial profile model associated with the user account, the messagingapplication prevents the message from being delivered to a recipientaccount.

In some embodiments, the method 330 can further include enabling themessage to be delivered to the recipient account in response todetermining that the detected face matches the facial profile modelassociated with the user account. In some embodiments, the method 330can further include capturing an image via the camera while themessaging interface is active; and providing the image to the messageserver system to forward to a recipient device associated with therecipient account.

FIG. 3C is a flow chart of a method 370 of operating a messagingapplication (e.g., the messaging interface 206 or the biometric securityengine 207 of FIG. 2) on a computing device (one of the client devices202 of FIG. 2) to access a message, in accordance with variousembodiments. The method 370 can include the messaging applicationdetermining that a messaging interface of the messaging application isactive and revealing or about to reveal a message in step 372. In step374, the messaging application determines a recipient account for amessaging server system is associated with the message. In step 376, themessaging application monitors a video feed from a camera of thecomputing device to detect a face utilizing a facial recognition processbased on at least a facial profile model associated with the recipientaccount when the messaging interface is determined to be active. In step378, the messaging application activates a privacy shield to preventcontent of the message from being revealed, in response to determiningthat the detected face does not match the facial profile modelassociated with the recipient account.

In some embodiments, step 376 includes performing the facial recognitionprocess in accordance with a cyclic schedule while the messaginginterface is active. In some embodiments, step 378 includes detectingtwo or more faces and step 378 includes activating the privacy shieldwhen one of the detected faces matches the recipient account.

In some embodiments, the method 370 can further comprise: gatheringmotion data from a sensor in the computing device; determining whether adisplay of the computing device showing the messaging interface ischanging orientation; and, in response to determining that the displayis changing orientation, activating the privacy shield. In someembodiments, the recipient account is indicated per message or perconversation.

In some embodiments, the method 370 can further comprise: determiningwhether the facial recognition process is inaccurate, inconsistent,unavailable, irrelevant, or any combination thereof; and, in response todetermining that the facial recognition process is inaccurate,inconsistent, unavailable, irrelevant, or any combination thereof,performing an alternative biometric recognition process to verifypresence of the recipient account. For example, the alternativebiometric recognition process can include ear recognition, speakerrecognition, tactile contact recognition, motion pattern recognition, orany combination thereof.

In some embodiments, step 376 includes performing the facial recognitionprocess against facial profile models associated with an externaldatabase. For example, the external database can be a criminal database,sexual predictor database, missing person database, amber alertdatabase, medical database, legal compliance-related database, or anycombination thereof.

While processes or methods are presented in a given order, alternativeembodiments may perform routines having steps, or employ systems havingblocks, in a different order, and some processes or blocks may bedeleted, moved, added, subdivided, combined, and/or modified to providealternative or subcombinations. Each of these processes or blocks may beimplemented in a variety of different ways. In addition, while processesor blocks are at times shown as being performed in series, theseprocesses or blocks may instead be performed in parallel, or may beperformed at different times.

FIG. 4 is a block diagram of an example of a computing device 400, whichmay represent one or more computing device or server described herein,in accordance with various embodiments. The computing device 400 can beone or more computing devices that implement the messaging system 200 ofFIG. 2 or methods and processes described in this disclosure. Thecomputing device 400 includes one or more processors 410 and memory 420coupled to an interconnect 430. The interconnect 430 shown in FIG. 4 isan abstraction that represents any one or more separate physical buses,point-to-point connections, or both connected by appropriate bridges,adapters, or controllers. The interconnect 430, therefore, may include,for example, a system bus, a Peripheral Component Interconnect (PCI) busor PCI-Express bus, a HyperTransport or industry standard architecture(ISA) bus, a small computer system interface (SCSI) bus, a universalserial bus (USB), IIC (I2C) bus, or an Institute of Electrical andElectronics Engineers (IEEE) standard 1494 bus, also called “Firewire”.

The processor(s) 410 is/are the central processing unit (CPU) of thecomputing device 400 and thus controls the overall operation of thecomputing device 400. In certain embodiments, the processor(s) 410accomplishes this by executing software or firmware stored in memory420. The processor(s) 410 may be, or may include, one or moreprogrammable general-purpose or special-purpose microprocessors, digitalsignal processors (DSPs), programmable controllers, application specificintegrated circuits (ASICs), programmable logic devices (PLDs), trustedplatform modules (TPMs), or the like, or a combination of such devices.

The memory 420 is or includes the main memory of the computing device400. The memory 420 represents any form of random access memory (RAM),read-only memory (ROM), flash memory, or the like, or a combination ofsuch devices. In use, the memory 420 may contain a code 470 containinginstructions according to the mesh connection system disclosed herein.

Also connected to the processor(s) 410 through the interconnect 430 area network adapter 440 and a storage adapter 450. The network adapter 440provides the computing device 400 with the ability to communicate withremote devices, over a network and may be, for example, an Ethernetadapter or Fibre Channel adapter. The network adapter 440 may alsoprovide the computing device 400 with the ability to communicate withother computers. The storage adapter 450 enables the computing device400 to access a persistent storage, and may be, for example, a FibreChannel adapter or SCSI adapter.

The code 470 stored in memory 420 may be implemented as software and/orfirmware to program the processor(s) 410 to carry out actions describedabove. In certain embodiments, such software or firmware may beinitially provided to the computing device 400 by downloading it from aremote system through the computing device 400 (e.g., via networkadapter 440).

The techniques introduced herein can be implemented by, for example,programmable circuitry (e.g., one or more microprocessors) programmedwith software and/or firmware, or entirely in special-purpose hardwiredcircuitry, or in a combination of such forms. Special-purpose hardwiredcircuitry may be in the form of, for example, one or moreapplication-specific integrated circuits (ASICs), programmable logicdevices (PLDs), field-programmable gate arrays (FPGAs), etc.

Software or firmware for use in implementing the techniques introducedhere may be stored on a machine-readable storage medium and may beexecuted by one or more general-purpose or special-purpose programmablemicroprocessors. A “machine-readable storage medium,” as the term isused herein, includes any mechanism that can store information in a formaccessible by a machine (a machine may be, for example, a computer,network device, cellular phone, personal digital assistant (PDA),manufacturing tool, any device with one or more processors, etc.). Forexample, a machine-accessible storage medium includesrecordable/non-recordable media (e.g., read-only memory (ROM); randomaccess memory (RAM); magnetic disk storage media; optical storage media;flash memory devices; etc.), etc.

The term “logic,” as used herein, can include, for example, programmablecircuitry programmed with specific software and/or firmware,special-purpose hardwired circuitry, or a combination thereof.

Some embodiments of the disclosure have other aspects, elements,features, and steps in addition to or in place of what is describedabove. These potential additions and replacements are describedthroughout the rest of the specification. For example, some embodimentsinclude a computer-implemented method of operating a messagingapplication on a computing device to access an electronic message. Thecomputer-implemented method can include the messaging applicationdetermining that a messaging interface of the computing device is activeand is revealing or about to reveal the electronic message. Themessaging application can identify a recipient account of a messagingserver system that is associated with the electronic message accordingto the electronic message or the messaging server system. The messagingapplication can monitor a data feed (e.g., video feed) from a camera ofthe computing device to detect a biometric pattern (e.g., one or morefacial features) that matches against a biometric profile model (e.g., afacial profile model) associated with the recipient account utilizing abiometric recognition process (e.g., a facial recognition process), whenthe messaging interface is determined to be active. In response todetermining that the detected biometric pattern does not match thebiometric profile model associated with the recipient account, themessaging application can activate a privacy shield to prevent contentof the electronic message from being revealed. In some embodiments, therecipient account is indicated per message. In some embodiments, theconversing accounts are indicated in every conversation.

In some embodiments, the messaging application can receive the biometricprofile model from the messaging server system. In some embodiments, themessaging server system can encrypt the biometric profile model prior tosending it to the messaging application. In some embodiments, whenmonitoring the video feed, the messaging application can also update thebiometric profile model while the messaging interface is active and thedetected biometric pattern is confirmed to be associated with therecipient account.

In some embodiments, the messaging application, when monitoring the datafeed, can perform the biometric recognition process in accordance with acyclic schedule while the messaging interface is active. In someembodiments, the messaging application, when monitoring the data feed,can detect two or more faces. In these embodiments, the messagingapplication can activate the privacy shield when one of the detectedfaces matches the recipient account.

In some embodiments, the messaging application gathers motion data froma sensor in the computing device. The messaging application candetermine whether a display of the computing device showing themessaging interface is changing orientation. In response to determiningthat the display is changing orientation, the messaging application canactivate the privacy shield.

In some embodiments, the messaging application can determine whether thebiometric recognition process is inaccurate, inconsistent, unavailable,irrelevant, or any combination thereof. In response to determining thatthe biometric recognition process is inaccurate, inconsistent,unavailable, irrelevant, or any combination thereof, the messagingapplication can perform an alternative biometric recognition process toverify presence of the recipient account. For example, the alternativebiometric recognition process can include ear recognition, speakerrecognition, tactile contact recognition, motion pattern recognition, orany combination thereof.

In some embodiments, when performing the biometric recognition process,the biometric pattern is compared against one or more biometric profilemodels. For example, the biometric profile models can be stored in thecomputing device. For another example, the biometric profile models canbe stored in an external database (e.g., in the messaging serversystem). In some embodiments, the external database can be a criminaldatabase, sexual predictor database, missing person database, amberalert database, medical database, legal compliance-related database, orany combination thereof.

Some embodiments a manufactured data storage apparatus comprisingcomputer-executable instructions. The computer-executable instructionscan include instructions for determining that a messaging interface ofthe messaging application is active to compose or send the electronicmessage; instructions for determining that a user account is logged invia the messaging application to a messaging server system; instructionsfor monitoring a video feed from a camera of the computing device todetect a face utilizing a facial recognition process based on at least afacial profile model associated with the user account when the messaginginterface is determined to be active; and instructions for in responseto determining that the detected face does not match the facial profilemodel associated with the user account, preventing the electronicmessage from being delivered to a recipient account. Thecomputer-executable instructions can further include instructions for,in response to determining that the detected face matches the facialprofile model associated with the user account, enabling the electronicmessage to be delivered to the recipient account. Thecomputer-executable instructions can further include instructions forcapturing an image via the camera while the messaging interface isactive; and instructions for providing the image to the message serversystem to forward to a recipient device associated with the recipientaccount.

Some embodiments include a computer server. The computer server caninclude a processor and a memory apparatus storing executableinstructions to implement a messaging platform when executed by theprocessor. The messaging platform can be configured to receive anelectronic message from a first user account logged in from a first userdevice, wherein the electronic device is destined to a second useraccount; identify a second user device associated with the second useraccount; determine a permission setting for the electronic messageaccording to security setting provided by the first user account,wherein the permission setting identifies a biometric profile modelassociated with the second user account; and provide the electronicmessage and the permission setting to a messaging application executedon the second user device to cause the messaging application to enforcea biometric security mechanism based on the biometric profile modelidentified by the permission setting. The messaging platform can befurther configured to encrypt the biometric profile model and push thebiometric profile model to the second user device. In some embodiments,the messaging platform is configured to register the second user accountvia the second user device prior to receiving the electronic message andwherein the messaging platform is configured to record one or morebiometric patterns observed via a sensor of the second user device tobuild or update the biometric profile model.

Some embodiments include a computer-implemented method of operating amessaging application on a mobile device to register a user account on amessaging server system. The method can include the messagingapplication receiving an indication of intent from a user to registerthe user account; displaying an interactive interface to engage the userto type on the mobile device; determining that the user is activelytyping; in response to determining that the user is actively typing,capturing a facial image from a camera of the mobile device; anduploading the facial image to the message server system to build abiometric profile model that is capable of being used for facialrecognition.

What is claimed is:
 1. A receiver computer device comprising at leastone processor in communication with at least one memory device, whereinthe at least one processor is programmed to: instruct, the receivercomputer device, to display on a display screen a privacy screen;receive, at the receiver computer device from a sender computer device,an electronic message having an electronic content and an authenticsender identifier; in response to the electronic message and independentof any user interaction, instruct, the receiver computer device, tosimultaneously display on the display screen the privacy screen and theauthentic sender identifier to a user; receive, at the receiver computerdevice, biometric data of a user of the receiver computer device from atleast one sensor of the receiver computer device; validate the receivedbiometric data of the user in view of a stored biometric profile of theuser; and instruct, the receiver computer device, to remove the privacyscreen from the display screen and to display on the display screen theelectronic content of the electronic message if the received biometricdata matches the stored biometric profile of the user.
 2. The receivercomputer device of claim 1, wherein the biometric data of the usercorresponds to a biometric feature of the user detected by the at leastone sensor of the receiver computer device.
 3. The receiver computerdevice of claim 1, wherein the stored biometric profile of the user is afacial profile.
 4. The receiver computer device of claim 1, wherein theat least one processor is further programmed to monitor a sensor feedcomprising a data feed of the at least one sensor of the receivercomputer device.
 5. The receiver computer device of claim 4, wherein theat least one processor is further programmed to: determine whether morethan one individual is detected from the sensor feed; and preventdisplay of the electronic content of the electronic message on thereceiver computer device if more than one individual is detected.
 6. Thereceiver computer device of claim 1, wherein the receiver computerdevice is a smartphone.
 7. The receiver computer device of claim 1,wherein the electronic message is a multimedia messaging service (MMS)message.
 8. The receiver computer device of claim 1, wherein the atleast one processor is further programmed to prevent display of theelectronic content until detection of biometric data that is validatedin view of the stored biometric profile of the user.
 9. The receivercomputer device of claim 1, wherein the electronic content of theelectronic message is revealed while a screen of the receiver computerdevice remains locked from additional access.
 10. The receiver computerdevice of claim 1, wherein the electronic content of the electronicmessage is revealed on a lock screen view.
 11. A computer-implementedmethod of operating a messaging application, the method implemented by areceiver computer device comprising at least one processor and at leastone memory, the method comprising: instructing, the receiver computerdevice, to display on a display screen a privacy screen; receiving, atthe receiver computer device from a sender computer device, anelectronic message having an electronic content and an authentic senderidentifier; in response to the electronic message and independent of anyuser interaction, instructing, the receiver computer device, tosimultaneously display on the display screen the privacy screen and theauthentic sender identifier to a user; receiving, at the receivercomputer device, biometric data of a user of the receiver computerdevice from at least one sensor of the receiver computer device;validating the received biometric data of the user in view of a storedbiometric profile of the user; and instructing, the receiver computerdevice, to remove the privacy screen from the display screen and todisplay on the display screen the electronic content of the electronicmessage if the received biometric data of the user is validated.
 12. Themethod of claim 11, wherein the biometric data corresponds to abiometric feature detected by the at least one sensor of the receivercomputer device.
 13. The method of claim 11, wherein the storedbiometric profile of the user is a facial profile.
 14. The method ofclaim 11, further comprising monitoring a sensor feed comprising a datafeed of the at least one sensor of the receiver computer device.
 15. Themethod of claim 14 further comprising: determining whether more than oneindividual is detected from the data feed of the at least one sensor;and preventing display of the electronic content of the electronicmessage on the receiver computer device if more than one individual isdetected.
 16. The method of claim 11, wherein the receiver computerdevice is a smartphone.
 17. The method of claim 11, wherein theelectronic message is a multimedia messaging service (MMS) message. 18.The method of claim 11 further comprising preventing display of theelectronic content until detection of biometric data that is validatedin view of the stored biometric profile.
 19. At least one non-transitorycomputer-readable storage media having computer-executable instructionsembodied thereon, wherein when executed by a receiver computer devicehaving at least one processor in communication with at least one memorydevice, the computer-executable instructions cause the processor to:instruct, the receiver computer device, to display on a display screen aprivacy screen; receive, at the receiver computer device from a sendercomputer device, an electronic message having an electronic content andan authentic sender identifier; in response to the electronic messageand independent of any user interaction, instruct, the receiver computerdevice, to simultaneously display on the display screen the privacyscreen and the authentic sender identifier; receive, at the receivercomputer device, biometric data of a user of the receiver computerdevice from at least one sensor of the receiver computer device;validating the received biometric data of the user in view of a storedbiometric profile of the user; and instruct, the receiver computerdevice, to remove the privacy screen from the display screen and todisplay on the display screen the electronic content of the electronicmessage if the received biometric data is validated.
 20. The at leastone non-transitory computer-readable storage media of claim 19, whereinthe biometric data corresponds to a biometric feature detected by the atleast one sensor of the receiver computer device and wherein the storedbiometric profile is a facial profile.